ETS Engineer IV - ID & Access Management

To research, evaluate, design, implement, and maintain system and product solutions, applying knowledge of engineering principles related to Client Identity Access, Authorization, and Authentication (IAM).

To provide technical direction, engineering support for projects, and infrastructure build for IAM solutions. Develop and maintain a working knowledge of evolving IT engineering industry technologies / competition, vendors, concepts, and trends directly related to Identity, Authorization, and Authentication for business to client (.

Navy Federal Online Banking and other channels).

• Drives future strategies for enterprise MIAM systems and processes by collaborating with internal business units, external partners & vendors to enhance member experience and ensure flexible and scalable architecture.
• Provides forward-looking industry perspectives, established and emerging product and technology reviews, and sets best practices across Member IAM solutions.
• Serve as Subject Matter Experts (SME) in Member / Customer Identity & Access Management (CIAM) and fraud prevention via multiple member-facing channels.

ATM Branch Contact Center Digital (Online & Mobile App)

• Drives the modernization and implementation of Multi-Factor Authentication (MFA, Passwordless, and other emerging Technologies and methodologies.
• Ability to administer and provide support for IAM applications such as ForgeRock, RSA, Daon, Ping, Azure, and SiteMinder components (.

Policy Servers, Databases, and Directories).

• Design, develop, and maintain Java-based custom-developed authentication journeys using the ForgeRock IAM platform to ensure secure and seamless user authentication and access control.
• Collaborate with the DevOps team to deploy and manage ForgeRock IAM instances in production and non-production environments.
• Participate in code reviews and provide constructive feedback to team members to maintain code quality and consistency.
• Experience in setup, configuration, and management of Policy servers, Web agents, Secure Proxy Servers, and Federation.
• Develop and support federations with internal systems and external organizations.
• Implement changes through multiple environments utilizing the Change Management process.
• Develop project plans, scope, schedule, and clear and concise communications.
• Apply engineering principles to the design and enhancement of new and existing systems.
• Document new system components or modifications to existing components.
• Ensure the security and integrity of system and product solutions, including compliance with Navy Federal, industry engineering, and Information Security principles and practices.
• Present clear, organized, and concise information to all audiences through a variety of media to enable effective business decisions.
• Perform engineering tasks and assignments in support of business needs.
• Perform engineering technology research, procurement, deployment, and configuration for new and modified systems.
• Perform other duties as assigned.
• Experience that demonstrates a strong knowledge and skill of information security technology focusing on IAM Applications (.

ForgeRock, RSA, Daon, Ping, Azure, SiteMinder, .

• Experience deploying ForgeRock on Azure Kubernetes Service (AKS).
• Experience supporting multiple IAM environments. Must be confident in implementing, configuring, managing, and deploying IAM products.
• Experience and expert knowledge of information security analysis and design techniques.
• Effective understanding of data security practices and procedures, including systems analysis, authentication technologies, and access controls.

Priorities will be given to those with expert knowledge and skill in UNIX / Linux system administration and scripting, Identity Federation, SAML, JBoss, and Directory Services / LDAP.

• Effective experience in project planning and time management skills.
• Strong planning and organizational skills.
• Strong research, analytical, and problem-solving skills.
• Strong verbal, written, and interpersonal communication skills, including proficiency in negotiating and persuading others.
• Ability to present findings and conclusions clearly and concisely.

Desired Qualifications

• Bachelor's Degree in business, information technology, or related fields.
• CISSP, CISA, CCSP, or other related Information Security certifications.
• MBA, Master's Degree, PMP, MSCE / MCITP, Linux certifications.
• Experience with Agile methodologies (., SAFe).
• ForgeRock Identity & Access Specialist or Professional certification(s).
• Experience with multiple open-source authentication protocols, including SAML, OAuth, and OpenID.
• Experience with CA SiteMinder components, policy servers, databases, and directories.
• Experience with Ping Identity products.
• Experience with Azure Active Directory Federation.
• Experience with Kubernetes and Docker services.
• Knowledge of the financial services industry.
• Experience with the Daon IdentityX Platform.
• Strong experience with automated testing for Azure DevOps (ADO) pipelines using Java.
• Experience leveraging several libraries and frameworks with tools such as NeoLoad, Selenium or RestAssured.

Hours : Monday - Friday, 8 : 00AM - 4 : 30PM

Location : 820 Follin Lane, Vienna, VA 22180